Department of Defense Fiscal Year (FY) 2015 IT President's Budget Request Overview

Transcription

1 Mission Area Business System Breakout Appropriation WMA 8, BMA 7, DIMA Total 30, Defense Business Systems 10, RDT&E 3, PROCUREMENT 4, DEF HLTH PR 2, DWCF 5, All Other Resources 20, ($M) EIEMA 14, ($M) OPERATIONS 13, ($M) MILCON MILPERS 1, FY14 to FY15 Comparison ($M) Inflation Program Change FY14/FY15PB Comparison ($M) Delta PB : 31, , , PB : PB : 34, , , , Delta: -2, , Explanation: The respective explanations for horizontal and vertical changes between and within President Budget Requests are best provided by referencing the proceeding explanations provided by each of Services, Components, and Agencies within this document. Explanation: The respective explanations for horizontal and vertical changes between and within President Budget Requests are best provided by referencing the proceeding explanations provided by each of Services, Components, and Agencies within this document. Inflation includes a 1.7% growth factor Page 1 of 34

2 Page left intentionally blank Page 2 of 34

3 Department of Defense (DoD) Chief Information Officer (CIO) The Department of Defense (DoD) FY15 total Information Technology Budget Request is $36.4B and represents a $1.2B (3%) decrease from the FY14 enacted. This request includes both unclassified ($30.3B) and classified ($6.1B) investments. Consistent with administration guidance, the Base DoD IT Budget remains constant in FY 2015 and projects a $.2B decrease over the FY15-FY19 Future Year Defense Plan (FYDP). 1 The DoD's classified IT budget request includes cyberspace operations investments and other classified IT investments; the classified IT budget is projected to remain relatively constant over the FYDP. Millions $50 $40 $30 $20 $10 $ FY 2013 The DoD s networks are a mission critical resource that underpins Information Operations, Command and Control, logistics, finance, transportation, medical, maintenance and other activities. The DoD CIO, therefore, is leading the implementation of the Joint Information Environment (JIE) initiative with a collaborative team of experts from DoD CIO, the Joint Staff, the Services, the Defense Information Systems Agency (DISA), US Cyber Command (USCC), and other DoD agencies in planning, synchronizing, and implementing actions to enable the Department to achieve JIE. The JIE effort was initiated based on the 1 Revised 16 May 14 FY 2014 FY 2015 FY 2016 FY 2017 FY 2018 FY 2019 Classified Unclassified FY14PB Total Commander, USCC s November 2011 brief to the Joint Chiefs of Staff on the risk associated with the inability to see, protect, and defend the entire DoD network and made recommendations to consolidate IT infrastructure for achieving improved effectiveness. Our primary goals are to make the Department more effective and more secure against cyber threats and vulnerabilities. A secondary, but very important goal is to reduce the cost associated with the Department s overall information technology infrastructure by simplifying, standardizing, centralizing, and automating infrastructure at the enterprise level. Additionally, the United States and its international partners face a world of complex national security challenges. Nowhere is this more apparent than in cyberspace. Cyberspace has emerged as a critical operational element in the military environment and ensuring the availability and dominance of cyberspace is a major challenge facing the DoD. The DoD s Cyberspace Operations and Information Assurance budget is a collection of efforts intended to operate, defend, and secure the information networks. A copy of the FY15 classified IT annex can be obtained by contacting the office of the DoD Chief Information Officer. (dollars in thousands) FY 2013 FY 2014 FY 2015 FY 2016 FY 2017 FY 2018 FY 2019 Army Unclassified $ 9,204,686 $ 8,537,042 $ 7,909,310 $ 8,162,803 $ 8,431,235 $ 7,884,385 $ 7,670,809 Classified $ 667,171 $ 839,048 $ 760,921 $ 901,309 $ 856,452 $ 859,458 $ 923,197 Sub-total $ 9,871,857 $ 9,376,090 $ 8,670,231 $ 9,064,112 $ 9,287,687 $ 8,743,843 $ 8,594,006 Navy Unclassified $ 7,199,397 $ 7,219,622 $ 6,730,760 $ 6,743,050 $ 6,521,833 $ 6,481,217 $ 6,500,028 Classified $ 716,827 $ 817,337 $ 980,723 $ 1,077,088 $ 1,100,751 $ 1,111,306 $ 1,136,552 Sub-total $ 7,916,224 $ 8,036,959 $ 7,711,483 $ 7,820,138 $ 7,622,584 $ 7,592,523 $ 7,636,580 Air Force Unclassified $ 6,557,097 $ 6,236,474 $ 6,412,211 $ 6,879,122 $ 6,509,167 $ 5,933,305 $ 5,501,997 Classified $ 834,539 $ 1,394,847 $ 1,517,468 $ 1,779,767 $ 1,726,648 $ 1,647,299 $ 1,604,729 Sub-total $ 7,391,636 $ 7,631,321 $ 7,929,679 $ 8,658,889 $ 8,235,815 $ 7,580,604 $ 7,106,726 Defense Wide Unclassified $ 8,987,252 $ 9,337,562 $ 9,239,910 $ 9,377,090 $ 9,559,667 $ 9,808,631 $ 10,009,833 Classified $ 3,055,729 $ 3,215,349 $ 2,854,831 $ 2,786,925 $ 2,831,424 $ 2,864,749 $ 2,908,352 Sub-total $ 12,042,981 $ 12,552,911 $ 12,094,741 $ 12,164,015 $ 12,391,091 $ 12,673,380 $ 12,918,185 Department of Defense Unclassified $ 31,948,432 $ 31,330,700 $ 30,292,191 $ 31,162,065 $ 31,021,902 $ 30,107,538 $ 29,682,667 Classified $ 5,274,266 $ 6,266,581 $ 6,113,943 $ 6,545,089 $ 6,515,275 $ 6,482,812 $ 6,572,830 Total $ 37,222,698 $ 37,597,281 $ 36,406,134 $ 37,707,154 $ 37,537,177 $ 36,590,350 $ 36,255,497 The DoD classified number above includes programs reported by the executing agencies as related to cyber. Discrepancies with other databases (e.g., S&T, MILPERS) exist. They are in the process of being reconciled. Page 3 of 34

4 Department of Defense Information Technology Budget The DoD CIO serves as the advisor to the Secretary of Defense and Deputy Secretary of Defense on networks; command and control (C2); communications; enterprise-wide integration of DoD information matters; information technology (IT); information management (IM); spectrum management; network operations; information systems; cybersecurity (CS); positioning, navigation, and timing (PNT) policy, including airspace and military-air-traffic control activities; and related matters. As the DoD Chief Information Officer, the DoD CIO provides the necessary leadership to meet the Net-Centric vision and ultimately deliver the critical enabling capabilities required by the National Defense Strategy. Transforming the DoD Information Enterprise requires fundamental changes in process, policy and culture across the Department. The technology change will be significant, but the cultural shift may be even more challenging. Timely and dependable information will be available across the enterprise: from higher level headquarters and command centers, to a soldier tracking insurgents, or a civilian in need of a new supplier. Ultimately, the role of the DoD CIO is to lead the Department to achieve an information advantage for our people and our mission partners Goals Netcentricity Mission Imperative Treating Information as a Strategic Asset Cultural Challenge Balancing need to know with need to share The Evolving DoD CIO challenge The Changing Landscape Societal Drivers Greater cyber threats Explosion of mobile devices User-driven innovation Federal budget pressures Changing Workforce Information Sharing now an EXPECTATION NOT a WISH Changing DoD Requirements More and better data at the edge Reduced implementation risk Secure Information Sharing Current Goals Anywhere, anytime, any device Mission Imperative Facilitating secure information exchanges Cultural Challenge Building trust to achieve unity of effort There is no exaggerating our dependence on DoD s information networks for command and control of our forces, the intelligence and logistics on which they depend, and the weapons technologies we develop and field. In the 21 st century, modern armed forces simply cannot conduct high-tempo, effective operations without resilient, reliable information and communications networks and assured access to cyperspace. Quadrennial Defense Review, February 2010 The DoD s IT budget is designed to deliver the DoD Information Enterprise envisioned by the National Defense Strategy, the National Military Strategy, the Quadrennial Defense Review (QDR), the Department s Strategic Management Plan (SMP) and the Joint Information Environment (JIE) Concept of Operations (CONOPS) and Implementation Plan. The National Defense Strategy of June 2008 noted that providing reliable information requires not only technological changes, but also changes that break down cultural barriers impeding progress. The DoD CIO s vision is that: We are about mission success. The mission accompanying this vision is based on the understanding that: Information is one of our nation s greatest assets. Our first and greatest goal, therefore, is to leverage that asset (or those assets) to the achievement of mission success in all operations of the Department: warfighting, business, and intelligence. Page 4 of 34

5 The DoD Information Enterprise (IE) enables a new constructed from the information itself, as well as a set of standards, services and procedures as described in the DoD Information Enterprise Architecture - that enable information to be widely available to authorized users. The delivered set of services and tools will provide information and capabilities that enable end-user communities to more effectively and efficiently support mission operations. The IT environment investments operate in over 6,000 locations worldwide, supporting the unique needs and missions of the three Military Departments and over 40 Defense Agencies and Field Activities within the Department. Finally, the DoD Information Enterprise includes the networks over which information travels and the security protocols that protect it. The DoD Information Resources Management Strategic Plan (IRM SP) establishes goals and associated objectives that form the basis for a roadmap to guide the transformation of the DoD from a stove-piped information approach to achieving the Department s information sharing vision. The Information Enterprise Strategic Plan fosters alignment of the Department s information sharing efforts, particularly those specified in the JIE Implementation Plan, by identifying, relating and measuring the development and implementation of specific information sharing policies, programs, and initiatives. The Information Enterprise Strategic Plan also highlights how organizations are leveraging net-centric information sharing capabilities to improve the effectiveness and efficiency of processes across the Department. Delivering this vision means: Treating information as a strategic asset; Establishing a robust, reliable, rapidly scalable and interoperable infrastructure; Achieving synchronized and responsive cyber space operations; Protecting and defending information and information systems against adverse events; Optimizing IT investments and more rapidly deploying IT capabilities; Department of Defense Improving and leveraging a highly skilled, innovative workforce to meet these emerging and expanding mission requirements. The success of DoD s information sharing environment is predicated upon achieving secure information sharing within the context of a highly contested information environment. To maximize the potential of the information sharing enterprise, solutions must enable both sharing information widely and stringent protection mechanisms. Page 5 of 34

6 Joint Information Environment (JIE) Department of Defense The DoD CIO is leading the implementation of the Joint Information Environment (JIE) initiative with a collaborative team of experts from DoD CIO, the Joint Staff, the Services, the Defense Information Systems Agency (DISA), US Cyber Command (USCC), and other DoD agencies in planning, synchronizing, and implementing actions to enable the Department to achieve JIE. The JIE effort was initiated based on the Commander, USCC s November 2011 brief to the Joint Chiefs of Staff on the risk associated with the inability to see, protect, and defend the entire DoD network and made recommendations to consolidate IT infrastructure for achieving improved effectiveness. Our primary goals are to make the Department more effective and more secure against cyber threats and vulnerabilities. A secondary, but very important goal is to reduce the cost associated with the Department s overall information technology infrastructure by simplifying, standardizing, centralizing, and automating infrastructure at the enterprise level. A team consisting of experts from across the DoD is currently working through the technical, operations, and governance approaches to develop an implementation plan of action and milestones, and associated cost estimates that will execute the current Department of Defense (DoD) Information Technology (IT) Enterprise Strategy and Roadmap (DoD ITESR) (Version 1.0 dated 6 September 2011). We are using the intelligence community s information technology effectiveness modernization efforts to inform the JIE planning. The initial DoD ITESR consolidation initiatives represented ongoing activities that the DoD CIO identified in coordination with the Services. The validation of these initial activities permitted the Services to focus their limited resources on implementing the following eight near term initiatives (Consolidate Security Infrastructure, Implement Cross- Domain Solution as an Enterprise Service, Joint Information Environment (JIE)/Joint Enterprise Network (JEN), Data Center and Server Consolidation, Enterprise Messaging and Collaboration (including ), Identity and Access Management (IdAM) Services, Consolidate Software Purchasing, and Consolidate Hardware Purchasing). In the DoD ITESR these initiatives across the Services were optimized at the Services levels. The overall JIE approach is to further optimize the IT normalization to the DoD and Joint levels. The ultimate beneficiary of JIE is the commander in the field, allowing for more innovative integration of information technologies, operations, and cyber security at a tempo more appropriate to today s fast-paced operational conditions. Specific benefits include: A standardized information and security architecture will improve how DoD operates and secures its networks on a global level. Users and systems will be able to trust their connection from end to end with the assurance that their activity will not be compromised. The JIE s single security architecture will enable cyber operators at every level to see the status of their networks for operations and security and enable commonality in how cyber threats are countered. The Department will know who is operating on its networks and what they are doing, and be able to attribute their actions with a high degree of confidence. This will minimize complexity for a synchronized cyber response, maximize operational efficiencies, and reduce risk. Page 6 of 34

7 Consolidation of data centers, operations centers and help desks will enable users and systems to have timely and secure access to the data and services needed to accomplish their assigned missions, regardless of their location. A consistent DoD-wide IT architecture supports effective fielding of Department capabilities in support of information sharing, as well as sustainment and integration of legacy systems. The Department will have to make the required investments to effect the transition from the Department s as-is environment to the desired to-be state. The JIE will be operated and managed per the Unified Command Plan (UCP) using enforceable standards, specification, and common tactics techniques & procedures (TTPs). The JIE framework of IT capabilities and processes will ultimately result in a secure, joint information environment comprised of shared IT infrastructure, enterprise services, and a single security architecture. Page 7 of 34

8 Leading the Department to Achieve an Information Advantage for our People and our Mission Partners Information as a Strategic Asset Interoperable Infrastructure Synchronized and Responsive Ops Cyberspace Operations A robust information environment provides DoD and mission partners access to discoverable, authoritative, relevant, trusted, and actionable information and services to enable effective and agile decisions for mission success. A more robust, reliable, rapidly scalable and interoperable infrastructure provides connectivity and computing capabilities that allow all DoD users and mission partners to access, share, and act on the information needed to accomplish their missions. The DoD Information Enterprise (IE) infrastructure, critical assets, and capabilities are operated, secured, and defended in a synchronized manner by all DoD components to support commanders in achieving mission success. DoD can accomplish its missions in the face of cyber warfare by a capable adversary. Major enabling objectives: Broaden Enterprise Services Increase Information Availability Build Community-based Solutions Leverage Cloud Computing Services Leverage Pilots and Experimentation Strengthen Information Sharing with Mission Partners Major enabling objectives: Data Center Consolidation Shared Computing Resources Dynamic NetOps Increase Transmission Capability Enhanced Communications Interfaces Protect DoD Internet Equities Major enabling objectives: Manage NetOps Risk IE Situational Awareness and Management Aligned NetOps Policies and Standards Major enabling objectives: Resilience to operate through cyber attacks Agile, safe information sharing with mission partners Robust attack detection diagnosis and response Information security Optimizing IT Investments An integrated information enterprise IT investment and IT portfolio management capability that maximizes the contribution of IT-IA investments to national security and Defense outcomes. Agile IM/IT/IA Workforce An agile IM/IT/IA workforce able to dynamically operate, defend, and advance the Defense Information Enterprise. Page 8 of 34

9 Information as a Strategic Asset Department of Defense Information is an asset: a source of power and a force multiplier. DoD and mission partners will obtain an information advantage when timely, secure and trusted information is available to all decision makers. We are moving rapidly to achieve a Service-Oriented Information Enterprise where all data assets, services and information sharing solutions must be visible, accessible, understandable and trusted by all authorized users, except where limited by law, policy or security classifications. Independent data efforts across Combatant Commands, Military Departments (MILDEPS), Defense Agencies and Field Activities, and with mission partners will be aligned and leveraged to improve data quality, integration, transparency and sharing. Once achieved, warfighters will get the critical information they need to make timely decisions affecting operations. The Department continues to take important steps to become more open, transparent and accountable by providing data and information that is of importance to the public. DoD continues to provide greater access to the Department s data with 32 datasets and 270 tools posted on Data.gov. The DoD Open Government website was updated to improve usability and DoD s Freedom of Information Act (FOIA) website now includes over 300,000 pages of FOIA responses online. DoD is also using social media technologies to foster participatory dialog with the public and increase engagement through blogs, apps, mobile resources, and collaboration tools. The Department is committed to realizing the value of cloud computing by driving delivery and adoption of a secure, dependable DoD Enterprise Cloud Computing Environment that improves IT efficiencies, enhances mission effectiveness, meets mission needs and supports anywhere, anytime, information access, in alignment with Federal and Department-wide IT efficiency initiatives. The Department has specific challenges that pose careful adoption considerations, especially in areas of cyber security. DoD plays a key role in Federal Cloud Computing initiatives such as the Federal Risk and Authorization Management Program (FedRAMP) that is addressing security concerns. The DoD Cloud Computing Strategy provides an approach to move the Department to an end state that is an agile, secure, and cost effective service environment that can rapidly respond to changing mission needs. There are two key components of the Department s cloud strategy. The first component is the establishment of a private enterprise cloud infrastructure that supports the full range of DoD activities in unclassified and classified environments. The second is the Department s adoption of commercial cloud services that can meet the Departments cybersecurity needs while providing capabilities that are at least as effective and efficient as those provided internally. DISA has been designated as the DoD Enterprise Cloud Service Broker to facilitate and optimize access and use of commercial cloud services that can meet DoD s security and interoperability requirements, and ensure that new services are not duplicative of others within the Department while consolidating cloud service demand at an enterprise level. In addition, DISA, as the DoD broker, will leverage the FedRAMP standardized security authorization process, including the accepted minimum security baseline for low and moderate services, and ongoing continuous monitoring to ensure that appropriate security controls remain in place and are functioning properly. Enterprise services are a key element of achieving more effective operations and improved security across the Department. An example of what the Department is doing in this area is Defense Enterprise , which is an enterprise messaging tool, built by consolidating existing disparate servers into a global capable server and operated by DISA on a fee-for-service basis, which provides DoD with a common enterprise directory service and a consolidated service. As of March 2013, there are 976,000 enterprise users on the Department s unclassified network and 21,000 users on the DoD Secret network, and continued adoption and consolidation to this capability is expected in the future. Page 9 of 34

10 Interoperable Infrastructure Department of Defense Achieving mission success in today s operational environment, which increasingly involves joint, combined, and non-military partners, requires a dynamic and interoperable infrastructure consisting of communications, transport, and computing capabilities. Gaining and maintaining a persistent and dominant information advantage requires robust world-wide connectivity to enable highly effective information sharing across DoD and with its external mission partners. A reliable and rapidly scalable information infrastructure is the foundation for realizing enterprise alignment through greater integration of applications, services and systems, thereby strengthening operational effectiveness and efficiency. This effort focuses on delivering the integrated information enterprise infrastructure that DoD needs to harness the power of information. In August 2010, the Secretary of Defense directed the consolidation of IT infrastructure to achieve savings in acquisition, sustainment, and manpower costs and to improve the DoD's ability to execute its missions while defending its networks against growing cyber threats. In response, the Department has identified opportunities to consolidate DoD IT infrastructure through several initiatives, one of which is Data Center Consolidation (DCC) which is consistent with the Federal Data Center Consolidation Initiative (FDCCI). DoD Components are considering all options for achieving consolidation that includes infrastructure consolidation, virtualization and cloud computing, operational efficiencies, and application rationalization to name a few. The current DoD goal is to reduce data centers by 572 by the end of FY15. DoD has confirmed the closure of 247 data centers since FY11. DoD continues to identify additional data centers for closure and is aggressively pursuing consolidation and virtualization. Based on the latest quarterly data center closure tracking, the DoD has projected the closing of 237 data centers in FY14 and 88 data centers in FY15. The savings estimates provided vary from previous estimates due to maturation of DoD's data center inventory and the cost model used to estimate savings. During FY13, DoD's data center inventory changed as a result of additional discovery and reconciliation of invalid records. Further, inventory values for server counts, storage, operating systems, personnel, etc. were refined, and closure dates were adjusted to reflect current planning. To estimate the savings from the revised inventory, DoD used the most up to date version of DoD's cost model which is a derivative of OMB's data center Total Cost of Ownership (TCO) model. DoD's model provides a more realistic estimate of TCO and, therefore, more accurate estimates of realized and projected savings. Page 10 of 34

11 DoD Data Center Consolidation Savings Summary (FY11-FY15) Summary Metrics FY 2011 FY 2012 FY 2013 FY 2014 (2) FY 2015 (3) Data Center Closures # Total Impacted Servers 3,170 3,531 2,855 5,367 2,472 Annual Projected Savings (4)(5) $11,568,230 $7,595,561 $85,675,474 $39,915,170 $7,849,484 Cumulative Projected Savings (4) $11,568,230 $19,163,791 $104,839,265 $144,754,435 $152,603,919 Cumulative Realized Savings (4)(5) $11,568,230 $19,163,791 $104,839,265 $144,754,435 Notes: (1) DOD Total Cost of Ownership Model used (Version February 10, 2014) for Q1FY14 OMB Data Set (2) Based on YTD for Q1FY14 and projections for the rest of the year (3) Forward looking projections. Efficiency savings can only be estimated based on actuals that will be reported at the end of FY15 (4) In FY12 dollars (5) Savings are realized the fiscal year after closure year Footnote 2 The Department recently compiled a global inventory of its data centers, and is establishing four classes of data centers to assist in the development and execution of our data center consolidation strategy. These four types of data centers are: Core Data Center (CDC) delivers enterprise services and provides primary migration point for systems and applications; these are our most important data centers, strategically located to provide speed of access to global information requirements; Installation Processing Node (IPN) provides local services to DoD installations and hosting systems not suited for CDCs, these will be located at the installation level, and will consolidate the duplicative data centers at the installations; 2 Revised 4 April 14 Page 11 of 34

12 Department of Defense Special Purpose Processing Node (SPPN) provides compute and storage for fixed infrastructure or facilities, such as test ranges, labs, medical diagnostic equipment, and machine shops. Tactical/Mobile Processing Node (TPN) provides support to the deployed warfighter at the tactical edge; these unique data centers directly support the warfighter in a disadvantaged or tactical environment, but connect back into the Generating Force information sources and core data centers. The DoD Core Data Center Reference Architecture was published in October 2012 and provides the foundation for the DoD s data center consolidation efforts as well as supports the emerging Department s Cloud Computing capability, which will be tied to data centers. Synchronized and Responsive Operations Synchronized and Responsive Operations will enable all DoD components to operate, secure, and defend the Information Enterprise consistently. Operating in this coordinated manner will contribute significantly to mission success, help achieve and maintain cyberspace superiority within a contested environment, and support authorized users' access to timely and trusted information when and where it is needed. This effort entails establishing GIG situational awareness from the core to the tactical edge, improving NetOps capabilities, enhancing C2 capabilities for allocating and managing IE resources, and strengthening enforcement of IE policies and standards. Information sharing across organizational boundaries and functional disciplines will be the norm. DoD personnel will increasingly rely upon timely access to trusted, secure information on a shared basis to facilitate decision-making processes at all levels of the command structure. Cyberspace Operations In recognition of cyberspace as an operational domain and the emerging mission to Defend the Nation against cyber threats as directed by the President, this year s budget provides funds to increase defensive capabilities and develop the cyber Joint Force under a new force planning model. The unique attributes of cyberspace operations require trained and ready cyberspace forces to detect, deter, and, if directed, respond to threats in cyberspace. Securing and defending cyberspace requires close collaboration among Federal, state and local governments, private sector partners, and allies and partners abroad. This year s budget establishes dedicated cyber teams to execute this mission on Defense Department networks and in support of Combatant Command and national missions. This budget reflects an emphasis on enhancing our workforce to successfully execute defensive and offensive missions in cyberspace. The Department is implementing a new cyber force planning model that will realign military, civilian and contractor manpower positions (with associated support costs) under U.S. Cyber Command (USCYBERCOM) in a three-year phased build-up beginning in FY This provides manpower, training and support costs for regional cyber mission teams to be located in Maryland, Texas, Georgia and Hawaii as well as other Combatant Command and military service locations. In addition, manpower at the National Security Agency continues to be funded to provide both cybersecurity and intelligence support to the USCYBERCOM teams. This overall force construct will provide capacity for the Defend the Nation mission, the cyber combat mission (in support of Combatant Command needs), and the cyberspace protection mission which defends Defense Department networks. Page 12 of 34

13 Optimized IT Investments Department of Defense Optimizing IT investment is based on realizing the vision to institutionalize IT management best practices. Investment review boards that govern DoD IT investments across missions are central to this vision. These review boards are tasked to review the strategic relevance of all significant investments. Optimizing IT investments will be driven by wider adoption of IT investment governance, greater utilization of the DoD Enterprise Architecture, increased agility in acquisition processes, coordinated management of IT portfolios, improved oversight of compliance with applicable regulations, including Section 508 of the Rehabilitation Act for accessibility of IT to persons with disabilities, and the establishment of an environmentally responsible IT culture focused both on cost efficiencies and the reduction of the IT influenced carbon footprint. Agile IT/Cyberspace Workforce Timely, trusted and shared defense information is stored on and shared through transformative technology solutions that are designed, secured and implemented by a highly skilled workforce providing IT, Cybersecurity, and IT acquisition mission capabilities. Rapid technology advancements, coupled with increasing cyberspace challenges, require agile, fiscally responsible, and forward thinking individuals to architect, design, develop, acquire, operate, maintain and protect DoD IT/cyber resources, as well as strategic policy makers, planners and managers who oversee the governance of the DoD Information Enterprise. Strategic workforce planning supports the development of a broader balanced workforce with the experience, aptitude and creativity to deliver enterprise capabilities to support the business, intelligence and warfighting missions of the Department. Portfolio Management The Department s IT investments are critical in supporting our military forces in their mission of protecting our Nation s security. These investments support the effective and efficient use of information as a strategic asset in military and business operations to improve the operational effectiveness and security of the information and networks transporting the information. DoD manages IT investments in portfolios as part of the holistic management of broader organizational and functional portfolios to support the Department s mission success; ensure efficient and effective delivery of capabilities; and maximize return on investment to the Enterprise. Each portfolio is managed using content and organizing constructs within the DoD Enterprise Architecture, plans, risk management techniques, capability goals and objectives, and performance measures. This will improve the consistency and effectiveness of decision-making processes of the Department, including the Joint Capabilities Integration and Development System (JCIDS), Defense Acquisition System (DAS), Business Capability Lifecycle (BCL), Planning, Programming, Budgeting and Execution (PPBE), and Joint Concept Development and Experimentation (JCD&E), in a manner that enables better-informed decisions. A four Mission Area construct (Warfighting, Business, Intelligence, and Enterprise Information Environment) was introduced in 2005 as an IT Portfolio Management (IT PfM) and Enterprise Architecture (EA) construct in DoDD , IT Portfolio Management. These designations were purposefully very broad to provide some base level of alignment and accountability for managing the Department s IT portfolio. The DoD CIO aligns IT investment management as part of the Department s overall processes not as a separate, discrete process. IT PfM is a portion of the overall responsibilities of process owners and organizations across the Department. Consequently, within DoD it is the responsibility of the core process owners and Components to develop architectural content to support their respective areas. The DoD CIO is aligning IT investment management Page 13 of 34

14 and EA policy focusing on: 1) providing frameworks and tools to support DoD EA development and use to support IT PfM; and 2) implementing emerging portfolio management concepts such as OMB s PortfolioStat within DoD. In accordance with OMB guidance, DoD is reporting its IT/NSS budget in terms of a set of EA segments. To align with DoD s evolving portfolio management construct, the DoD IT budget can be described through the following segments: Business Services Enterprise Services Core Mission (Warfighting) Core Mission (Intelligence) IT investment prioritization within and among DoD EA segments is a collaborative process involving the DoD CIO, Joint Staff, OSD Principal Staff Assistants (PSA), Deputy Chief Management Officer (DCMO) and the DoD Components (including Military Departments, Combatant Commands (e.g., CENTCOM), and Defense Agencies). From the top, prioritization starts with a review of the strategic objectives of the Department designed to support the National Security Strategy. The flow down is from the National Security Strategy, to the National Defense Strategy, the National Military Strategy and the Quadrennial Defense Review. Based on this guidance the Department has developed a management framework that includes guidance on developing the force and a related set of operational concepts that outline how we will prepare our military forces to achieve these strategic objectives. The prioritization for IT investments is accomplished through collaboration and focuses on DoD warfighting functions as the key mission of the Department. Even the IT prioritization for business and IT enterprise services are focused primarily on providing support to the warfighter. IT plays a major role in each of these functions and services and the DoD CIO has a role in the decision process, as well as serving as the lead for the IT infrastructure functional area. Business Service Segments and Defense Business Systems: Commonly referred to as the business mission area, this segment provides direct support to the warfighter through the enabling functions and information systems to support business activities, such as Acquisition, Technology, and Logistics; Financial Management, Personnel and Readiness, Installations and Environment; and Defense Security. The business mission area is aligned to support the warfighter through the Strategic Management Plan (SMP), which is linked to the QDR by its strategic goals and initiatives. In addition to guiding the business activities of the Department to support the warfighter, the SMP also articulates changes needed in the business mission area while enabling unity of effort across the enterprise. The current SMP includes seven overarching business goals: 1. Strengthen and right-size the DoD total workforce 2. Strengthen DoD financial management 3. Build agile and secure information technology capabilities Page 14 of 34

15 4. Increase the buying power of the DoD Department of Defense 5. Increase operational and installation energy efficiency 6. Re-engineer/use end-to-end business processes 7. Create agile business operations that support contingency missions Each business goal is supported by key initiatives needed to achieve the business outcome. Another foundation is the introduction of Functional Strategies developed by the business line owners, known as Principal Staff Assistants (PSAs). Functional Strategies define business outcomes, priorities, measures, and standards. Organizational Execution Plans developed by each Component articulate their planned approach by aligning to and implementing their part of the Functional Strategies. Section 901 of the Fiscal Year 2012 National Defense Authorization Act (FY 2012 NDAA), codified as Title 10, U.S.C 2222, includes significant changes to the requirements for investment review and certification of Defense Business Systems before funds, whether appropriated or non-appropriated, can be available for obligation.. Section 901 also requires the establishment of a single Investment Review Board (IRB) and an investment management process, consistent with section of Title 40. It expands the scope of systems requiring certification to include any business system with a total cost in excess of $1M over the period of the current future years defense program, regardless of type of funding or whether any development or modernization is planned. In the prior IRB process, approximately $1.8 billion in funding for defense business system investments was assessed and certified each year. The expanded scope in Section 901 resulted in the assessment of approximately $7B in FY 2013 funds certification requests submitted for business system information technology (IT) solutions. The legislation requires active participation at most levels across DoD and enables an integrated, portfolio-based approach for the annual evaluation and funds certification of defense business system investments. When assessing the FY13 certification requests, DoD assessed the amount of funds requested for certification, strategic alignment, utility, and compliance of each system within the broader functional portfolio. When assessing the portfolios, DoD considered the functional strategies developed by the appropriate business line owner (DoD Principal Staff Assistant (PSA)) and then analyzed the portfolio more broadly against other investments in the Department and against the overarching DoD priorities and lessons learned from previous business system investments. This new investment management approach allows for an expansive and thorough look at how investments within a given functional or organizational portfolio fit and help to enable smart investment decisions that align to mission priorities. The process focuses on DoD Components taking responsibility for reviewing and aligning all business system investments within their Component prior to bringing their plans to the Defense Business Council (DBC), which is the governing body that reviews the proposed investments. As the new IRB process stabilizes and matures, the business mission area will more directly link the certification decisions to the budget process by reviewing and providing certification decisions earlier in the budget cycle to allow changes to the budget submissions based on certification outcomes. Looking at and beyond, the business mission area recognizes that it must transform its business operations in order to meet today s business challenges. The business mission area has established a set of guiding principles to inform strategy and operations for the years ahead. These guiding principles include (1) the need for a cost culture, (2) effective data management and analytics, (3) continued modernization and rationalization of business systems and, (4) improved business alignment. These four cross-cutting Page 15 of 34

16 principles will help guide DoD as it executes its strategic vision for business operations. The influence of these guiding principles as we execute our initiatives in support of our goals enables us to gain value from our actions and will form the backbone of the Department s 21st century business operations. Internalizing a cost culture is highly relevant to the DoD IT budget. With at least $500 billion in DoD-wide budget cuts to be absorbed over the next 10 years, we have been asked to do more without more. Without the support of a growing budget, instilling a strong cost culture across the department will be critical to enabling the business mission area to continue to deliver value to the warfighter. This culture of accurately estimating, capturing and analyzing costs, and delivering our products and services at or below targeted costs will help us not only meet our budget mandates, but also enable the business mission area to operate like the twenty-first century business enterprise that we aspire to be. We will use cost analyses to inform where we will invest and how we will manage our business operations in order to provide high value to the warfighter at an affordable cost. This approach will be used across the business mission area and applies to IT investments as well. Effective data management and analytics will be a core competency in our cost culture. The business mission area will build capacity to manage the data available and require that investment, acquisition and management decisions are made with full consideration of relevant data sources. Some reports estimate that the amount of business data produced in the world is doubling every few years or even faster. This data, or information, can be a critical asset to the Department, especially given the fiscal challenges we now face. In industry, we have observed that those organizations who harness the power of the data to make decisions can outperform those that do not. Using industry as a guide, we believe that using data effectively to make decisions can have an even greater impact on our ability to deliver value to the warfighter than hiring more people or investing more in information technology solutions. Our desire to make decisions informed by data is applicable to all parts of the business mission area, and it is especially relevant as we work to modernize and rationalize our defense business systems portfolio. Our knowledge and experience in this space tells us that there are opportunities to both modernize and rationalize our business systems to achieve more efficient and effective operations. Unintentional business system redundancies drain the department of increasingly scarce resources, can create interoperability and data challenges, and can inhibit our ability to efficiently support the warfighter. A focus on cost effective investments in business solutions that provide timely and accurate data for decision making also enables the achievement of our business goals. Informed business system modernization and rationalization will also enable the realization of the expected value of our newer business systems, including ERPs. For The Department s investment review process we have been able to use data as an input to business system modernization and rationalization decision making. Enabling business alignment of our strategy with our operations across the Military Components and Defense Agencies will improve performance while reducing redundancies and overlaps is another key guiding principle for our operations. In addition to communicating our strategy to shape the daily operations across our organization, we must measure our performance to assess progress toward achievement of our goals and strategy. If we fall short, we will reassess our priorities and resource allocations. Aligning our strategy to our operations across the Military Components and Defense Agencies will also require top-down support for our goals Committing to the accomplishment of this strategy and aligning each organization to achieve these common goals is paramount and requires both transformation and the break-down of many siloed processes, approaches, and views of the business mission area. Enterprise Services Segments: The office of the DoD CIO is the primary organization responsible for IT Management and IT Infrastructure for the Department. The DoD CIO Executive Board is the principal DoD forum to advise the DoD CIO. The DoD CIO Executive Board membership is composed of DoD Principal Staff Assistants, and CIOs of Page 16 of 34

17 the Military Departments, Joint Staff, Intelligence Community, Joint Warfighting Community and the Office of the Secretary of Defense. Under the DoD CIO Executive Board are three Review Groups, C4/Cyber Operations & Defense Review Board, Enterprise Architecture & Services Review Board, and the Information Resources Management Investment Review Board which serve as senior forums in the Department. They are responsible for guiding and oversight of enterprise-wide IT solution security, design, and investment. The DoD CIO has established specific processes, policies and standards for managing IT investments associated with the Cyber Identity and Information Assurance segment. Enterprise services, shared services, and strategic sourcing investments include those supporting a robust, reliable, efficient and interoperable infrastructure. Core Mission Segments (Warfighting): The Joint Staff together with the OSD staff guides the Department's IT investments that directly support DoD s front edge warfighting (and other core mission) requirements. The Joint Staff has developed and implemented the JCIDS process as its primary means of prioritizing and managing the capabilities being developed, including IT and NSS. The JCIDS process is driven by the strategic direction described above, input from the Combatant Commanders in the form of Integrated Priority Lists and the Joint Requirements Oversight Council by way of Joint Requirements Oversight Council Memorandums and Functional Capability Boards. In addition, many of these core mission segments have tailored enterprise-level processes, structures and tools for managing their IT investments. Core Mission Segments (Intelligence): The Undersecretary of Defense for Intelligence (USD(I)) together with the Director of National Intelligence formulates guidance for intelligence support to the Warfighter. The Intelligence Community's Information Integration Program Advisory Council serves as the primary governance body for architecture and has decomposed the Intelligence Mission Area into four pillars for managing their enterprise. The primary tools used are the Intelligence Roadmap and Transition Strategy and work is proceeding on development of enterprise and segment architectures. IT investments are a key enabler in the transformation of Defense Intelligence into an enterprise that supports the integration and synchronization of capabilities across all phases of the Intelligence, Surveillance, and Reconnaissance mission. These capabilities include ISR planning and direction, collection, processing and exploitation, analysis and production, and dissemination for the DoD intelligence, counterintelligence and security communities. The resultant Defense Intelligence Enterprise will enable access to the totality of intelligence resources and more effectively meet the needs of national and defense customers. egovernment The Department of Defense has and continues to benefit from the implementation of IT Management requirements supporting the President s agenda for transparency, information sharing, alignment of architectures, advancement of new technologies, and Federal-wide initiatives. E-Government Projects/Initiatives support the implementation Page 17 of 34

18 and oversight, within the Department, of Federal-wide IT initiatives such as Enterprise Architecture, Federal Information Sharing, Cloud Computing, E-Government Analysis & IT Portfolio Management, IT Consolidation, and IM/IT/IA workforce development. The following initiatives will be funded by DoD agency contributions 3 in FY (Funding identified in actual dollars) Initiative FY14 FY15 Financial Management LoB $187,342 $178,140 Human Resources Management LoB $260,870 $260,870 Federal Health Architecture LoB $2,094,000 $2,094,000 Geospatial LoB $42,000 $225,000 Budget Formulation and Execution LoB $105,000 $105,000 DoD Total $2,689,212 $2,863,010 Objective of egovernment Initiatives 4 : Financial Management LoB / Managing Partner, General Services Administration - The FM LoB supports government-wide efforts to improve the reliability and accessibility of public and internal financial data through standardization of data elements and development of resources to support a well-qualified workforce. Furthermore, the FM LoB provides funding and resources to improve government-wide financial management initiatives for real property, federal spending transparency, and identification of opportunities to streamline financial management processes within various Centers of Excellence (i.e. grants, loans, fixed assets, etc.). The FM LoB supports agency implementation of Federal financial management systems and other reforms that: Facilitate stronger internal controls to ensure integrity in accounting and other stewardship activities; Reduce costs by enabling agencies to implement and operate financial management systems through shared service provider solutions; 3 Agency contributions reflect commitments of funding and/or in-kind services provided by partner agencies to initiative managing partner agencies in support of developing, implementing, and/or migrating to E-Government common solutions. Contribution amounts are determined annually through collaborative, inter-agency E-Government initiative governance structures and are subject to approval by OMB. 4 OMB Report to Congress on the benefits of the President s E-Government Initiatives for Fiscal Year Page 18 of 34